Hide Forgot
OpenLDAP slapd crashes on what seems to be a null-ptr-dereference after receiving a malicious TCP packet. Reference: https://bugs.openldap.org/show_bug.cgi?id=9370
Created openldap tracking bugs for this issue: Affects: fedora-all [bug 1895288]
Upstream fixes: Main branch : https://git.openldap.org/openldap/openldap/-/commit/6abfd60078af02d56edb3b6897692cdd09a08971 https://git.openldap.org/openldap/openldap/-/commit/a08a2db4063f54a6217a0f091aebd02f8bdb482e 2.4 branch : https://git.openldap.org/openldap/openldap/-/commit/4c774220a752bf8e3284984890dc0931fe73165d
Statement: This vulnerability affects the server side only. As a result, OpenLDAP client components, such as the component shipped in Red Hat Enterprise Linux 8, are not affected by this flaw.